Detail
A detail for a distro and package affected by this vulnerability and its associated fix (if one is available).
Constructors
Properties
The CPE URI this vulnerability affects.
The package this vulnerability affects.
The version number at the end of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: 1.0.0-1.1.0, 2.4.6-2.4.8 and 4.5.6-4.6.8) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail.
The version number at the start of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: 1.0.0-1.1.0, 2.4.6-2.4.8 and 4.5.6-4.6.8) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail.
A vendor-specific description of this vulnerability.
The distro recommended CPE URI to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_cpe_uri.
The distro recommended package to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_package.
The distro recommended version to update to that contains a fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no such version is yet available.
Whether this detail is obsolete. Occurrences are expected not to point to obsolete details.
The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
The distro assigned severity of this vulnerability.
The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.